Placing it in your code behind page should work assuming your control is linked to the function. If you used the code verbatim, your login control must be named Login1. To verify your login control is using this function to authenticate: in visual studio
select the login control on your login.aspx page and under properties, click the events button. Next to Authenticate, you should see Login1_Authenticate. If its not there, just select it from the drop down or type it in. Rebuild and test it out...
Another note: If you're going to use this for a real system, I would use a regular expression or the validation application block to validate that the email address is in fact an email address. The code given only checks for an "@".
The asp.net membership provider was designed in a way that it is very easy to add existing events to the control to allow users to login with their choice of email address or user name.
1. Login Page: Add a new event handler to the login control: OnLoggingIn="Login_OnLoggingIn"
In your code behind get the UserName for the email address by calling the procedure:
aspnet_Membership_GetUserByEmail
2. Code Behind: I Kept this very simple. If the user entered an @ in the user id, then I assume they entered an email address (you could use regex but why bother if you site does not allow emails for user
ids).
You probably have by now but, here are the codes :
Login :
VB.Net
Protected Sub Login1_LoggingIn(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.LoginCancelEventArgs) Handles Login1.LoggingIn
If Login1.UserName.Contains("@") Then
Login1.UserName = Membership.GetUserNameByEmail(Login1.UserName)
End If
End Sub
C#
protected void // ERROR: Handles clauses are not supported in C# Login1_LoggingIn(object sender, System.Web.UI.WebControls.LoginCancelEventArgs e)
{
if (Login1.UserName.Contains("@")) {
Login1.UserName = Membership.GetUserNameByEmail(Login1.UserName);
}
}
Password Recovery :
VB.Net
Protected Sub PasswordRecovery1_VerifyingUser(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.LoginCancelEventArgs) Handles PasswordRecovery1.VerifyingUser
If PasswordRecovery1.UserName.Contains("@") Then
PasswordRecovery1.UserName = Membership.GetUserNameByEmail(PasswordRecovery1.UserName)
End If
End Sub
C#
Protected Sub PasswordRecovery1_VerifyingUser(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.LoginCancelEventArgs) Handles PasswordRecovery1.VerifyingUser
If PasswordRecovery1.UserName.Contains("@") Then
PasswordRecovery1.UserName = Membership.GetUserNameByEmail(PasswordRecovery1.UserName)
End If
End Sub
Actually, the asp.net Membership provider, out of the box, does have a problem with using an email address for the username.
As already hacked out above, you can easily pass an email address into the username field. However, the username field is used as an index in the aspnet database and cannot be changed. Therefore when your user comes to change their email/username, they will
not be able to.
The strongly typed nature of the Membership provider indicates this. If you try to access the UserName property of a MembershipUser object, you will see that the property is ReadOnly and you cannot Set a value.
Scott Mitchell has done a nice article on getting around the problem, but just passing the email to the username field when the account is created is not a good solution unless you build in these changes too.
This is all well and good, until you attempt to add a forum to your site - much like the one we are in right here. Then, you realize that your entire user base must reveal their email adresses or actual names to others because you have no other means of
identifying them.
My advice (worth all of 2 cents), force them to assign user names in most cases.
Using email addresses for user names is a poor design choice for many reasons
Sorry but I have to disagree. For humans and email addresses...
People know their email address
Emails are universal in format
Email address has a real purpose - to identify a specific individual (who specifically then receives the message)
Usernames on the other hand ...
Are not universal in their format. Some site allow _ , some don't etc
Reinvent the wheel for purposes of identification. Post 2010, emails are more popular, well known. So much that usernames feel like an artificial requirement. Gone are the days of having just one login for your local unix server.
people forget them (due to #1, #2 above). Emperical evidence from the 'forgot username' links found at many places. I've yet to see a 'forgot your email address?' anywhere.
The issue is that technically, ASP.NET is inflexible to support the more human/natural solution. The technical solution (ASP.NET membership) should allow for using emails to login and have provisions to allow users to change their email address.
I'm sure microsoft is also aware of this because Windows Live and Windows 8 also use emails for logging in. As is the case with Google services, Apple ID and many others. Somebody at MS just hasn't done it!
joltinjoe03
Member
4 Points
2 Posts
Re: Membership Provider should allow users to login with Email Address+Password instead of Userna...
Mar 18, 2009 12:22 PM|LINK
Placing it in your code behind page should work assuming your control is linked to the function. If you used the code verbatim, your login control must be named Login1. To verify your login control is using this function to authenticate: in visual studio select the login control on your login.aspx page and under properties, click the events button. Next to Authenticate, you should see Login1_Authenticate. If its not there, just select it from the drop down or type it in. Rebuild and test it out...
Another note: If you're going to use this for a real system, I would use a regular expression or the validation application block to validate that the email address is in fact an email address. The code given only checks for an "@".
PatrickRR
Member
114 Points
53 Posts
Re: Membership Provider should allow users to login with Email Address+Password instead of Userna...
Dec 06, 2009 01:10 PM|LINK
The asp.net membership provider was designed in a way that it is very easy to add existing events to the control to allow users to login with their choice of email address or user name.
1. Login Page: Add a new event handler to the login control: OnLoggingIn="Login_OnLoggingIn"
In your code behind get the UserName for the email address by calling the procedure: aspnet_Membership_GetUserByEmail
2. Code Behind: I Kept this very simple. If the user entered an @ in the user id, then I assume they entered an email address (you could use regex but why bother if you site does not allow emails for user ids).
protected void Login_OnLoggingIn(object sender, EventArgs e)
{
if (Login1.UserName.Contains("@"))
{
Login1.UserName = MyDataLayer.GetUserIDFromEmail(Login1.UserName);
//Calls Proc aspnet_Membership_GetUserByEmail
}
}
That is it! Your user is logged in....
!!! Don't forget the Recover Password page to work in the same manner !!!
1. Add event handler: OnVerifyingUser="Recover_OnVerify"
2. Code Behind
protected void Recover_OnVerify(object sender, EventArgs e)
{
if (PasswordRecovery1.UserName.Contains("@"))
{
PasswordRecovery1.UserName = MyDataLayer.GetUserIDFromEmail(PasswordRecovery1.UserName);
}
}
That is it... new password sent to user.
This logic is implemented on MTR Investors Group a Stock Market Timing Model Site (mtrig.com) if you want to stop by and register (it is free).
Thanks,
Patrick
membership aspnet_membership
yongbum
Member
39 Points
154 Posts
Re: Membership Provider should allow users to login with Email Address+Password instead of Userna...
Jan 26, 2010 06:48 AM|LINK
Hi,
I tried your code (after converting it to vb.net) and I get the following error when I do a build:
error BC30451: Name 'Login1' is not declared.
My login control id is Login1.
Any ideas
Thanks
David
"paddling upstream searching for the source"
urbancommand...
Member
7 Points
10 Posts
Re: Membership Provider should allow users to login with Email Address+Password instead of Userna...
Apr 19, 2010 08:47 AM|LINK
You probably have by now but, here are the codes :
Login :
VB.Net
Protected Sub Login1_LoggingIn(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.LoginCancelEventArgs) Handles Login1.LoggingIn If Login1.UserName.Contains("@") Then Login1.UserName = Membership.GetUserNameByEmail(Login1.UserName) End If End SubC#
protected void // ERROR: Handles clauses are not supported in C# Login1_LoggingIn(object sender, System.Web.UI.WebControls.LoginCancelEventArgs e) { if (Login1.UserName.Contains("@")) { Login1.UserName = Membership.GetUserNameByEmail(Login1.UserName); } }Password Recovery :
VB.Net
Protected Sub PasswordRecovery1_VerifyingUser(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.LoginCancelEventArgs) Handles PasswordRecovery1.VerifyingUser
If PasswordRecovery1.UserName.Contains("@") Then
PasswordRecovery1.UserName = Membership.GetUserNameByEmail(PasswordRecovery1.UserName)
End If
End Sub
C#
Protected Sub PasswordRecovery1_VerifyingUser(ByVal sender As Object, ByVal e As System.Web.UI.WebControls.LoginCancelEventArgs) Handles PasswordRecovery1.VerifyingUser If PasswordRecovery1.UserName.Contains("@") Then PasswordRecovery1.UserName = Membership.GetUserNameByEmail(PasswordRecovery1.UserName) End If End SubMatt3.5
Member
333 Points
92 Posts
Re: Membership Provider should allow users to login with Email Address+Password instead of Userna...
May 13, 2010 03:05 PM|LINK
Actually, the asp.net Membership provider, out of the box, does have a problem with using an email address for the username.
As already hacked out above, you can easily pass an email address into the username field. However, the username field is used as an index in the aspnet database and cannot be changed. Therefore when your user comes to change their email/username, they will not be able to.
The strongly typed nature of the Membership provider indicates this. If you try to access the UserName property of a MembershipUser object, you will see that the property is ReadOnly and you cannot Set a value.
Scott Mitchell has done a nice article on getting around the problem, but just passing the email to the username field when the account is created is not a good solution unless you build in these changes too.
http://www.4guysfromrolla.com/articles/070109-1.aspx
zachbaker
Member
6 Points
3 Posts
Re: Membership Provider should allow users to login with Email Address+Password instead of Userna...
Jun 30, 2010 06:14 PM|LINK
to ahenderson:
Sounds like your problem is that you are showing usernames on your site!
chekmate111
Member
125 Points
115 Posts
Re: Membership Provider should allow users to login with Email Address+Password instead of Userna...
Mar 10, 2011 02:11 PM|LINK
abrahamdj
Member
4 Points
3 Posts
Re: Membership Provider should allow users to login with Email Address+Password instead of Userna...
Nov 30, 2011 05:17 AM|LINK
This is all well and good, until you attempt to add a forum to your site - much like the one we are in right here. Then, you realize that your entire user base must reveal their email adresses or actual names to others because you have no other means of identifying them.
My advice (worth all of 2 cents), force them to assign user names in most cases.
sidshetye
Member
9 Points
4 Posts
Re: Membership Provider should allow users to login with Email Address+Password instead of Userna...
May 07, 2012 09:44 PM|LINK
Sorry but I have to disagree. For humans and email addresses...
Usernames on the other hand ...
The issue is that technically, ASP.NET is inflexible to support the more human/natural solution. The technical solution (ASP.NET membership) should allow for using emails to login and have provisions to allow users to change their email address.
I'm sure microsoft is also aware of this because Windows Live and Windows 8 also use emails for logging in. As is the case with Google services, Apple ID and many others. Somebody at MS just hasn't done it!
Regards
Sid